Skill v3.1.0
ClawScan security
Apechain Reader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 19, 2026, 11:51 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, docs, and runtime instructions are consistent with a wallet-analysis tool: it uses public RPC endpoints and optional Alchemy/CoinGecko lookups, and it does not request unexplained credentials or perform unexpected operations.
- Guidance: This skill appears to be what it claims: a Node.js-based wallet analyzer that queries public RPC endpoints, CoinGecko, and optionally Alchemy. Before installing, consider: (1) the scripts will make network calls to third-party RPC providers (listed in references/CHAINS.md), and those providers will see the addresses you query; (2) eth_getLogs over large block ranges can be heavy and may hit rate limits or cause large data transfers; (3) if you care about privacy or API quotas, provide your own RPC/Alchemy endpoints or API keys rather than using the defaults; and (4) review the full scripts yourself (especially scripts/lib/rpc.js, which handles network endpoints and behaviour) if you want to ensure no hidden telemetry or unexpected outbound endpoints are present. If you need higher assurance, run the scripts in a sandboxed environment and/or configure custom RPC endpoints before use.
Review Dimensions
- Purpose & Capability
- ok: Name/description (multi-chain wallet analysis, NFT resolution, bot detection) align with the included scripts (wallet-lookup, nft-holdings, tx-history, contract-info, bot-detect) and the documented optional ALCHEMY_API_KEY/CoinGecko usage. The declared lack of required env vars and the optional Alchemy key are coherent with the code and README.
- Instruction Scope
- note: SKILL.md instructs running the included Node.js scripts, which call chain RPCs, CoinGecko and optionally Alchemy. This matches the stated purposes, but the scripts perform eth_getLogs over a large block range (latest - 1,000,000) and make multiple RPC calls; this is expected for the domain but can be heavy, reveals queried addresses to RPC providers, and may hit rate limits. No instructions ask the agent to read unrelated local files or transmit data to unexpected endpoints in the provided content.
- Install Mechanism
- ok: No install spec; code is bundled with the skill and relies only on Node.js (v16+). No external arbitrary download or post-install steps are present in metadata. This is low risk from an install-mechanism perspective.
- Credentials
- ok: The skill declares no required credentials and only an optional ALCHEMY_API_KEY for improved name resolution. That is proportionate to the feature (collection name resolution). There are no requests for unrelated secrets or system credentials.
- Persistence & Privilege
- ok: `always` is false and the skill does not request elevated or persistent system privileges. It does not attempt to modify other skills or system-wide configs in the provided files. Autonomous invocation is allowed (platform default) but is not combined with other red flags.
